--- doc/install/linux/install.pl 2017/03/29 22:52:04 1.41 +++ doc/install/linux/install.pl 2020/07/08 17:40:18 1.45.2.8 @@ -27,6 +27,9 @@ use strict; use File::Copy; use Term::ReadKey; use DBI; +use Cwd(); +use File::Basename(); +use lib File::Basename::dirname(Cwd::abs_path($0)); use LCLocalization::localize; # ========================================================= The language handle @@ -72,7 +75,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.41 2017/03/29 22:52:04 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.45.2.8 2020/07/08 17:40:18 raeburn Exp $'."\n"; } # @@ -159,9 +162,20 @@ sub get_user_selection { } sub get_distro { - my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow); + my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown); $packagecmd = '/bin/rpm -q LONCAPA-prerequisites '; - if (-e '/etc/redhat-release') { + if (-e '/etc/oracle-release') { + open(IN,'; + chomp($versionstring); + close(IN); + if ($versionstring =~ /^Oracle Linux Server release (\d+)/) { + my $version = $1; + $distro = 'oracle'.$1; + $updatecmd = 'yum install LONCAPA-prerequisites'; + $installnow = 'yum -y install LONCAPA-prerequisites'; + } + } elsif (-e '/etc/redhat-release') { open(IN,'; chomp($versionstring); @@ -191,6 +205,10 @@ sub get_distro { $distro = 'rhes'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; $installnow = 'yum -y install LONCAPA-prerequisites'; + } elsif ($versionstring =~ /Red Hat Enterprise Linux release (\d+)/) { + $distro = 'rhes'.$1; + $updatecmd = 'dnf install LONCAPA-prerequisites'; + $installnow = 'dnf -y install LONCAPA-prerequisites'; } elsif ($versionstring =~ /CentOS(?:| Linux) release (\d+)/) { $distro = 'centos'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; @@ -204,6 +222,7 @@ sub get_distro { } else { print &mt('Unable to interpret [_1] to determine system type.', '/etc/redhat-release')."\n"; + $unknown = 1; } } elsif (-e '/etc/SuSE-release') { open(IN,'; chomp($versionstring); close(IN); - $packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites '; - $updatecmd = 'apt-get install loncapa-prerequisites'; if ($versionstring =~ /^Ubuntu (\d+)\.\d+/i) { $distro = 'ubuntu'.$1; $updatecmd = 'sudo apt-get install loncapa-prerequisites'; } elsif ($versionstring =~ /^Debian\s+GNU\/Linux\s+(\d+)\.\d+/i) { $distro = 'debian'.$1; + $updatecmd = 'apt-get install loncapa-prerequisites'; } elsif (-e '/etc/debian_version') { open(IN,'; @@ -250,13 +269,15 @@ sub get_distro { close(IN); if ($version =~ /^(\d+)\.\d+\.?\d*/) { $distro='debian'.$1; + $updatecmd = 'apt-get install loncapa-prerequisites'; } else { print &mt('Unable to interpret [_1] to determine system type.', '/etc/debian_version')."\n"; + $unknown = 1; } - } else { - print &mt('Unable to interpret [_1] to determine system type.', - '/etc/issue')."\n"; + } + if ($distro ne '') { + $packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites '; } } elsif (-e '/etc/debian_version') { open(IN,') { + chomp(); + if (/^ID="(\w+)"/) { + $id=$1; + } elsif (/^VERSION_ID="([\d\.]+)"/) { + $version=$1; + } + } + close(IN); + if ($id eq 'sles') { + my ($major,$minor) = split(/\./,$version); + if ($major =~ /^\d+$/) { + $distro = $id.$major; + $updatecmd = 'zypper install LONCAPA-prerequisites'; + } + } + } + if ($distro eq '') { + print &mt('Unable to interpret [_1] to determine system type.', + '/etc/os-release')."\n"; + $unknown = 1; + } + } else { + print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora, scientific linux, or oracle linux system.')."\n"; } - } else { - print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n"; } return ($distro,$packagecmd,$updatecmd,$installnow); } @@ -307,45 +357,61 @@ sub check_prerequisites { sub check_locale { my ($distro) = @_; - my ($fh,$langvar,$command); + my ($fh,$langvar,$command,$earlyout); $langvar = 'LANG'; if ($distro =~ /^(ubuntu|debian)/) { if (!open($fh,"= 15)) { + if (!open($fh,"= 18) { if (!open($fh,"= 7) { if (!open($fh,"; chomp(@data); foreach my $item (@data) { @@ -359,9 +425,13 @@ sub check_locale { $command = 'sudo locale-gen en_US.UTF-8'."\n". 'sudo update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^(suse|sles)/) { - $command = 'yast language'; - } else { + $command = 'yast language'; + } elsif (-e '/usr/bin/system-config-language') { $command = 'system-config-language'; + } elsif (-e '/usr/bin/localectl') { + $command = '/usr/bin/localectl set-locale LANG=en_US.UTF-8'; + } else { + $command = 'No standard command found'; } } last; @@ -457,7 +527,7 @@ sub check_mysql_running { if ($1 >= 19) { $mysqldaemon ='mariadb'; } - } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + } elsif ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)/) { if ($1 >= 7) { $mysqldaemon ='mariadb'; $process = 'mysqld'; @@ -467,6 +537,11 @@ sub check_mysql_running { } elsif ($distro =~ /^sles(\d+)/) { if ($1 >= 12) { $use_systemctl = 1; + $proc_owner = 'mysql'; + $process = 'mysqld'; + } + if ($1 >= 15) { + $mysqldaemon ='mariadb'; } } elsif ($distro =~ /^suse(\d+)/) { if ($1 >= 13) { @@ -551,7 +626,12 @@ sub chkconfig { $uses_systemctl{'ntp'} = 1; $uses_systemctl{'cups'} = 1; $uses_systemctl{'memcached'} = 1; - $daemon{'ntp'} = 'ntpd'; + if (($name eq 'sles') && ($num >= 15)) { + $daemon{'ntp'} = 'chronyd'; + $daemon{'mysql'} = 'mariadb'; + } else { + $daemon{'ntp'} = 'ntpd'; + } } } } @@ -559,13 +639,24 @@ sub chkconfig { my $version = $1; @runlevels = qw/2 3 4 5/; @norunlevels = qw/0 1 6/; - $checker_bin = '/usr/sbin/sysv-rc-conf'; + if (($distro =~ /^ubuntu/) && ($version <= 16)) { + $checker_bin = '/usr/sbin/sysv-rc-conf'; + } else { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } $daemon{'mysql'} = 'mysql'; $daemon{'apache'} = 'apache2'; $daemon{'ntp'} = 'ntp'; if (($distro =~ /^ubuntu/) && ($version <= 8)) { $daemon{'cups'} = 'cupsys'; } + if (($distro =~ /^ubuntu/) && ($version >= 18)) { + $daemon{'ntp'} = 'chrony'; + } } elsif ($distro =~ /^fedora(\d+)/) { my $version = $1; if ($version >= 15) { @@ -580,7 +671,10 @@ sub chkconfig { if ($version >= 19) { $daemon{'mysql'} = 'mariadb'; } - } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + if ($version >= 26) { + $daemon{'ntp'} = 'chronyd'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)/) { my $version = $1; if ($version >= 7) { $uses_systemctl{'ntp'} = 1; @@ -590,6 +684,9 @@ sub chkconfig { $uses_systemctl{'cups'} = 1; $daemon{'mysql'} = 'mariadb'; } + if (($version >= 8) || ($distro eq 'oracle7')) { + $daemon{'ntp'} = 'chronyd'; + } } my $nocheck; if (! -x $checker_bin) { @@ -673,7 +770,7 @@ sub chkconfig { } else { $major = $version; } - if ($major > 10) { + if (($major > 10) && ($major <= 13)) { if (&check_SuSEfirewall2_setup($instdir)) { $needfix{'insserv'} = 1; } @@ -682,6 +779,52 @@ sub chkconfig { return (\%needfix,\%tostop,\%uses_systemctl); } +sub uses_firewalld { + my ($distro) = @_; + my ($inuse,$checkfirewalld,$zone); + if ($distro =~ /^(suse|sles)([\d\.]+)$/) { + if (($1 eq 'sles') && ($2 >= 15)) { + $checkfirewalld = 1; + } + } elsif ($distro =~ /^fedora(\d+)$/) { + if ($1 >= 18) { + $checkfirewalld = 1; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)/) { + if ($1 >= 7) { + $checkfirewalld = 1; + } + } + if ($checkfirewalld) { + my ($loaded,$active); + if (open(PIPE,"systemctl status firewalld |")) { + while () { + chomp(); + if (/^\s*Loaded:\s+(\w+)/) { + $loaded = $1; + } + if (/^\s*Active\s+(\w+)/) { + $active = $1; + } + } + close(PIPE); + } + if (($loaded eq 'loaded') || ($active eq 'active')) { + $inuse = 1; + my $cmd = 'firewall-cmd --get-default-zone'; + if (open(PIPE,"$cmd |")) { + my $result = ; + chomp($result); + close(PIPE); + if ($result =~ /^\w+$/) { + $zone = $result; + } + } + } + } + return ($inuse,$zone); +} + sub chkfirewall { my ($distro) = @_; my $configfirewall = 1; @@ -690,30 +833,44 @@ sub chkfirewall { https => 443, ); my %activefw; - if (&firewall_is_active()) { - my $iptables = &get_pathto_iptables(); - if ($iptables eq '') { - print &mt('Firewall not checked as path to iptables not determined.')."\n"; - } else { - my @fwchains = &get_fw_chains($iptables,$distro); - if (@fwchains) { - foreach my $service ('http','https') { - foreach my $fwchain (@fwchains) { - if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) { - $activefw{$service} = 1; - last; + my ($firewalld,$zone) = &uses_firewalld($distro); + if ($firewalld) { + my %current; + if (open(PIPE,'firewall-cmd --permanent --zone='.$zone.' --list-services |')) { + my $svc = ; + close(PIPE); + chomp($svc); + map { $current{$_} = 1; } (split(/\s+/,$svc)); + } + if ($current{'http'} && $current{'https'}) { + $configfirewall = 0; + } + } else { + if (&firewall_is_active()) { + my $iptables = &get_pathto_iptables(); + if ($iptables eq '') { + print &mt('Firewall not checked as path to iptables not determined.')."\n"; + } else { + my @fwchains = &get_fw_chains($iptables,$distro); + if (@fwchains) { + foreach my $service ('http','https') { + foreach my $fwchain (@fwchains) { + if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) { + $activefw{$service} = 1; + last; + } } } + if ($activefw{'http'}) { + $configfirewall = 0; + } + } else { + print &mt('Firewall not checked as iptables Chains not identified.')."\n"; } - if ($activefw{'http'}) { - $configfirewall = 0; - } - } else { - print &mt('Firewall not checked as iptables Chains not identified.')."\n"; } + } else { + print &mt('Firewall not enabled.')."\n"; } - } else { - print &mt('Firewall not enabled.')."\n"; } return ($configfirewall,\%activefw); } @@ -772,16 +929,35 @@ sub chkapache { } } } - } elsif ($distro =~ /^(?:suse|sles)([\d\.]+)$/) { + if ((!$fixapache) && ($distname eq 'ubuntu')) { + my $sitestatus = "/etc/apache2/mods-available/status.conf"; + my $stdstatus = "$instdir/debian-ubuntu/status.conf"; + if ((-e $stdstatus) && (-e $sitestatus)) { + if (open(PIPE, "diff --brief $stdstatus $sitestatus |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + $fixapache = 1; + } + } + } + } + } elsif ($distro =~ /^(suse|sles)([\d\.]+)$/) { + my ($name,$version) = ($1,$2); my $apache = 'apache'; - if ($1 >= 10) { + my $conf_file = "$instdir/sles-suse/default-server.conf"; + if ($version >= 10) { $apache = 'apache2'; } - if (!-e "$instdir/sles-suse/default-server.conf") { + if (($name eq 'sles') && ($version >= 12)) { + $conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; + } + if (!-e $conf_file) { $fixapache = 0; print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; - } elsif ((-e "/etc/$apache/default-server.conf") && (-e "$instdir/sles-suse/default-server.conf")) { - if (open(PIPE, "diff --brief $instdir/sles-suse/default-server.conf /etc/$apache/default-server.conf |")) { + } elsif (-e "/etc/$apache/default-server.conf") { + if (open(PIPE, "diff --brief $conf_file /etc/$apache/default-server.conf |")) { my $diffres = ; close(PIPE); chomp($diffres); @@ -806,7 +982,8 @@ sub chkapache { } } else { my $configfile = 'httpd.conf'; - if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { + my $mpmfile = 'mpm.conf'; + if ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)$/) { if ($1 >= 7) { $configfile = 'apache2.4/httpd.conf'; } elsif ($1 > 5) { @@ -814,7 +991,7 @@ sub chkapache { } } elsif ($distro =~ /^fedora(\d+)$/) { if ($1 > 17) { - $configfile = 'apache2.4/httpd.conf'; + $configfile = 'apache2.4/httpd.conf'; } elsif ($1 > 10) { $configfile = 'new/httpd.conf'; } @@ -832,6 +1009,20 @@ sub chkapache { } } } + if (-e "/etc/httpd/conf.modules.d/00-mpm.conf") { + if (!-e "$instdir/centos-rhes-fedora-sl/$mpmfile") { + print &mt('Warning: No LON-CAPA Apache MPM configuration file found for installation check.')."\n"; + } elsif ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") && (-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) { + if (open(PIPE, "diff --brief $instdir/centos-rhes-fedora-sl/$mpmfile /etc/httpd/conf.modules.d/00-mpm.conf |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + $fixapache = 1; + } + } + } + } } return $fixapache; } @@ -1066,10 +1257,16 @@ sub get_pathto_iptables { sub firewall_is_active { if (-e '/proc/net/ip_tables_names') { - return 1; - } else { - return 0; + if (open(PIPE,'cat /proc/net/ip_tables_names |grep filter |')) { + my $status = ; + close(PIPE); + chomp($status); + if ($status eq 'filter') { + return 1; + } + } } + return 0; } sub get_fw_chains { @@ -1085,6 +1282,8 @@ sub get_fw_chains { @posschains = ('ufw-user-input','INPUT'); } elsif ($distro =~ /^debian5/) { @posschains = ('INPUT'); + } elsif ($distro =~ /^(suse|sles)(\d+)/) { + @posschains = ('IN_public'); } else { @posschains = ('RH-Firewall-1-INPUT','INPUT'); if (!-e '/etc/sysconfig/iptables') { @@ -1284,7 +1483,7 @@ if ($distro eq '') { print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". &mt('The following are supported: [_1].', 'CentOS, RedHat Enterprise, Fedora, Scientific Linux, '. - 'openSuSE, SLES, Ubuntu LTS, Debian')."\n\n". + 'Oracle Linux, openSuSE, SLES, Ubuntu LTS, Debian')."\n\n". &mt('Stopping execution.')."\n"; exit; } @@ -1447,11 +1646,12 @@ if ($dbh) { if ($callsub{'apache'}) { if ($distro =~ /^(suse|sles)/) { - ©_apache2_suseconf($instdir); + ©_apache2_suseconf($instdir,$distro); } elsif ($distro =~ /^(debian|ubuntu)/) { ©_apache2_debconf($instdir,$distro); } else { ©_httpd_conf($instdir,$distro); + ©_mpm_conf($instdir,$distro); } } else { print_and_log(&mt('Skipping configuration of Apache web server.')."\n"); @@ -1475,18 +1675,51 @@ if ($callsub{'runlevels'}) { } } } - if ($distro =~ /^(suse|sles)/) { - &update_SuSEfirewall2_setup($instdir); + if ($distro =~ /^(suse|sles)(\d+)/) { + unless(($1 eq 'sles') && ($2 >= 15)) { + &update_SuSEfirewall2_setup($instdir); + } } } else { &print_and_log(&mt('Skipping setting override for start-up order of services.')."\n"); } if ($callsub{'firewall'}) { - if ($distro =~ /^(suse|sles)/) { + my ($firewalld,$zone) = &uses_firewalld($distro); + if ($firewalld) { + my (%current,%added); + if (open(PIPE,"firewall-cmd --permanent --zone=$zone --list-services |")) { + my $svc = ; + close(PIPE); + chomp($svc); + map { $current{$_} = 1; } (split(/\s+/,$svc)); + } + foreach my $service ('http','https') { + unless ($current{$service}) { + if (open(PIPE,"firewall-cmd --permanent --zone=$zone --add-service=$service |")) { + my $result = ; + if ($result =~ /^success/) { + $added{$service} = 1; + } + } + } + } + if (keys(%added) > 0) { + print &mt('Firewall configured to allow access for: [_1].', + join(', ',sort(keys(%added))))."\n"; + } + if ($current{'http'} || $current{'https'}) { + print &mt('Firewall already configured to allow access for:[_1].', + (($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n"; + } + unless ($current{'ssh'}) { + print &mt('If you would the like to allow access to ssh from outside, use the command[_1].', + "firewall-cmd --permanent --zone=$zone --add-service=ssh")."\n"; + } + } elsif ($distro =~ /^(suse|sles)/) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', 'yast -- Security and Users -> Firewall -> Interfaces', - 'ssh, http, https')."\n"; + 'ssh, http, https')."\n"; } elsif ($distro =~ /^(debian|ubuntu)(\d+)/) { if (($1 eq 'ubuntu') || ($2 > 5)) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', @@ -1503,21 +1736,31 @@ if ($callsub{'firewall'}) { } } } - } elsif ($distro =~ /^scientific/) { + } elsif ($distro =~ /^(scientific|oracle)/) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', 'system-config-firewall-tui -- Customize', 'ssh, http')."\n"; } else { - print &mt('Use [_1] to configure the firewall to allow access for [_2].', - 'setup -- Firewall configuration -> Customize', - 'ssh, http, https')."\n"; + my $version; + if ($distro =~ /^(redhat|centos)(\d+)$/) { + $version = $1; + } + if ($version > 5) { + print &mt('Use [_1] to configure the firewall to allow access for [_2].', + 'system-config-firewall-tui -- Customize', + 'ssh, http')."\n"; + } else { + print &mt('Use [_1] to configure the firewall to allow access for [_2].', + 'setup -- Firewall configuration -> Customize', + 'ssh, http, https')."\n"; + } } } else { &print_and_log(&mt('Skipping Firewall configuration.')."\n"); } if ($callsub{'stopsrvcs'}) { - &kill_extra_services($distro,$recommended->{'stopsrvcs'}); + &kill_extra_services($distro,$recommended->{'stopsrvcs'},$uses_systemctl); } else { &print_and_log(&mt('Skipping stopping unnecessary service ([_1] daemons).',"'cups','memcached'")."\n"); } @@ -1704,7 +1947,7 @@ END } sub kill_extra_services { - my ($distro,$stopsrvcs) = @_; + my ($distro,$stopsrvcs,$uses_systemctl) = @_; if (ref($stopsrvcs) eq 'HASH') { my @stopping = sort(keys(%{$stopsrvcs})); if (@stopping) { @@ -1735,8 +1978,19 @@ sub kill_extra_services { } } &print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); - if ($distro =~ /^(debian|ubuntu)/) { - &print_and_log(`update-rc.d -f $daemon remove`); + if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { + my $version = $1; + if (($distro =~ /^ubuntu/) && ($version > 16)) { + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } + } + } else { + &print_and_log(`update-rc.d -f $daemon remove`); + } } else { if (ref($uses_systemctl) eq 'HASH') { if ($uses_systemctl->{$service}) { @@ -1787,21 +2041,32 @@ CREATE TABLE IF NOT EXISTS metadata (tit sub setup_mysql_permissions { my ($dbh,$has_pass,@mysql_lc_commands) = @_; my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); - my ($usesauth,@mysql_commands); + my ($usesauth,$is_mariadb,$hasauthcol,@mysql_commands); if ($mysqlname =~ /^MariaDB/i) { + $is_mariadb = 1; if ($mysqlversion >= 10.2) { $usesauth = 1; + } elsif ($mysqlversion >= 5.5) { + $hasauthcol = 1; } } else { if (($mysqlversion > 5.7) || (($mysqlversion == 5.7) && ($mysqlsubver > 5))) { $usesauth = 1; + } elsif (($mysqlversion >= 5.6) || (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) { + $hasauthcol = 1; } } if ($usesauth) { - @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','www','','','')", - "ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); + @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')"); + if ($is_mariadb) { + push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); + } else { + push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'"); + } + } elsif ($hasauthcol) { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');"); } else { - @mysql_commands = ("INSERT user (Host, User, Password) VALUES('localhost','www',password('localhostkey'));"); + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','www',password('localhostkey'),'','','');"); } if ($mysqlversion < 4) { push (@mysql_commands," @@ -1852,7 +2117,7 @@ INSERT db (Host,Db,User,Select_priv,Inse } } if ($got_passwd) { - my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass); + my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth,$is_mariadb); push(@mysql_commands,@newpass_cmds); } else { print_and_log(&mt('Failed to get MySQL root password from user input.')."\n"); @@ -1861,7 +2126,6 @@ INSERT db (Host,Db,User,Select_priv,Inse if (@mysql_commands) { foreach my $cmd (@mysql_commands) { $dbh->do($cmd) || print $dbh->errstr."\n"; - } } if (@mysql_lc_commands) { @@ -1883,10 +2147,15 @@ INSERT db (Host,Db,User,Select_priv,Inse } sub new_mysql_rootpasswd { - my ($currmysqlpass,$usesauth) = @_; + my ($currmysqlpass,$usesauth,$is_mariadb) = @_; if ($usesauth) { - return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'", - "FLUSH PRIVILEGES;"); + if ($is_mariadb) { + return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'", + "FLUSH PRIVILEGES;"); + } else { + return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'", + "FLUSH PRIVILEGES;"); + } } else { return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", "FLUSH PRIVILEGES;"); @@ -1899,7 +2168,7 @@ sub get_mysql_version { my $info = ; chomp($info); close(PIPE); - ($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)\-?(\w*),/); + ($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)(?:\-?(\w*),|)/); } else { print &mt('Could not determine which version of MySQL is installed.'). "\n"; @@ -1917,7 +2186,7 @@ sub get_mysql_version { sub copy_httpd_conf { my ($instdir,$distro) = @_; my $configfile = 'httpd.conf'; - if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { + if ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)$/) { if ($1 >= 7) { $configfile = 'apache2.4/httpd.conf'; } elsif ($1 > 5) { @@ -1938,6 +2207,50 @@ sub copy_httpd_conf { print_and_log("\n"); } +########################################################### +## +## RHEL/CentOS/Fedora/Scientific Linux +## Copy LON-CAPA mpm.conf to /etc/httpd/conf.modules.d/00-mpm.conf +## +## The LON-CAPA mpm.conf enables the prefork MPM module in +## Apache. This is also the default for RHEL/CentOS/Oracle +## Linux 7 and earlier, and Fedora 26 and earlier. For more +## recent versions of those distros, the event MPM is enabled +## by default. After ©_mpm_conf() is run, the prefork MPM +## module will be enabled instead of the event MPM module. +## +########################################################### + +sub copy_mpm_conf { + my ($instdir,$distro) = @_; + my $mpmfile = 'mpm.conf'; + if ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") && + (-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) { + print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'mpm.conf'", + "'/etc/httpd/conf.modules.d/00-mpm.conf'")."\n"); + copy "$instdir/centos-rhes-fedora-sl/$mpmfile","/etc/httpd/conf.modules.d/00-mpm.conf"; + chmod(0644,"/etc/httpd/conf.modules.d/00-mpm.conf"); + print_and_log("\n"); + } else { + my $logfail; + if ($distro =~ /^(?:centos|rhes|scientific|oracle)(\d+)$/) { + if ($1 > 7) { + $logfail = 1; + } + } elsif ($distro =~ /^fedora(\d+)$/) { + if ($1 > 26) { + $logfail = 1; + } + } + if ($logfail) { + print_and_log(&mt('Warning: copying the LON-CAPA [_1] failed because [_2] and/or [_3] are missing.', + $mpmfile,"'$instdir/centos-rhes-fedora-sl/$mpmfile'", + "'/etc/httpd/conf.modules.d/00-mpm.conf'")); + print_and_log("\n"); + } + } +} + ######################################################### ## ## Ubuntu/Debian -- copy our loncapa configuration file to @@ -1966,35 +2279,116 @@ sub copy_apache2_debconf { if (($distname eq 'ubuntu') && ($version > 12)) { $defaultconfig = "$apache2_sites_enabled_dir/000-default.conf"; } - if (-l $defaultconfig) { - unlink($defaultconfig); - } + my ($skipconf,$skipsite,$skipstatus); if (($distname eq 'ubuntu') && ($version > 12)) { - print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled'; my $apache2_conf_available_dir = '/etc/apache2/conf-available'; - if (-e "$apache2_conf_available_dir/loncapa") { - copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); - } my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; - copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); - chmod(0444,"$apache2_conf_available_dir/loncapa"); - if (-l $defaultconf) { - unlink($defaultconf); - } - symlink("$apache2_conf_available_dir/loncapa","$defaultconf"); - print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default.conf symlink'")."\n"); - copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa"); - chmod(0444,"$apache2_sites_available_dir/loncapa"); - symlink("$apache2_sites_available_dir/loncapa","$defaultconfig"); - } else { - print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); - if (-e "$apache2_sites_available_dir/loncapa") { - copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); - } - copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); - chmod(0444,"$apache2_sites_available_dir/loncapa"); - symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + if ((-e "$apache2_conf_available_dir/loncapa") && (-e "$instdir/debian-ubuntu/ubuntu14/loncapa_conf")) { + if (open(PIPE, "diff --brief $apache2_conf_available_dir/loncapa $instdir/debian-ubuntu/ubuntu14/loncapa_conf |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); + } + if (-l $defaultconf) { + my $linkfname = readlink($defaultconf); + if ($linkfname eq "$apache2_conf_available_dir/loncapa") { + unless ($diffres) { + $skipconf = 1; + } + } + } + } + } + unless ($skipconf) { + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); + chmod(0444,"$apache2_conf_available_dir/loncapa"); + if (-l $defaultconf) { + unlink($defaultconf); + } + symlink("$apache2_conf_available_dir/loncapa","$defaultconf"); + } + my $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_site"; + if ((-e $stdsite) && (-e "$apache2_sites_available_dir/loncapa")) { + if (open(PIPE, "diff --brief $stdsite $apache2_sites_available_dir/loncapa |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); + } + if (-l $defaultconfig) { + my $linkfname = readlink($defaultconfig); + if ($linkfname eq "$apache2_sites_available_dir/loncapa") { + unless ($diffres) { + $skipsite = 1; + } + } + } + } + } + unless ($skipsite) { + print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default.conf symlink'")."\n"); + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$defaultconfig"); + } + } else { + if ((-e "$instdir/debian-ubuntu/loncapa") && (-e "$apache2_sites_available_dir/loncapa")) { + if (open(PIPE, "diff --brief $instdir/debian-ubuntu/loncapa $apache2_sites_available_dir/loncapa |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); + } + if (-l $defaultconfig) { + my $linkfname = readlink($defaultconfig); + if ($linkfname eq "$apache2_sites_available_dir/loncapa") { + unless ($diffres) { + $skipsite = 1; + } + } + } + } + } + unless ($skipsite) { + if (-l $defaultconfig) { + unlink($defaultconfig); + } + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); + if (-e "$instdir/debian-ubuntu/loncapa") { + copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + } + } + } + if ($distname eq 'ubuntu') { + my $sitestatus = "$apache2_mods_available_dir/status.conf"; + my $stdstatus = "$instdir/debian-ubuntu/status.conf"; + if ((-e $sitestatus) && (-e $stdstatus)) { + if (open(PIPE, "diff --brief $stdstatus $sitestatus |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres) { + copy("$apache2_mods_available_dir/status.conf","$apache2_mods_available_dir/status.conf.original"); + } else { + $skipstatus = 1; + } + } + } + unless ($skipstatus) { + if (-e $stdstatus) { + print_and_log(&mt('Copying loncapa [_1] file to [_2],',"'status.conf'","'/etc/apache2/mods-available/status.conf'")."\n"); + copy($stdstatus,$sitestatus); + chmod(0644,$sitestatus); + } + } } print_and_log("\n"); } @@ -2008,14 +2402,19 @@ sub copy_apache2_debconf { ########################################################### sub copy_apache2_suseconf { - my ($instdir) = @_; + my ($instdir,$distro) = @_; + my ($name,$version) = ($distro =~ /^(suse|sles)([\d\.]+)$/); + my $conf_file = "$instdir/sles-suse/default-server.conf"; + if (($name eq 'sles') && ($version >= 12)) { + $conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; + } print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].', "'default-server.conf'", "'/etc/apache2/default-server.conf'")."\n"); if (!-e "/etc/apache2/default-server.conf.original") { copy "/etc/apache2/default-server.conf","/etc/apache2/default-server.conf.original"; } - copy "$instdir/sles-suse/default-server.conf","/etc/apache2/default-server.conf"; + copy $conf_file,"/etc/apache2/default-server.conf"; chmod(0444,"/etc/apache2/default-server.conf"); # Make symlink for conf directory (included in loncapa_apache.conf) my $can_symlink = (eval { symlink('/etc/apache2','/srv/www/conf'); }, $@ eq ''); @@ -2026,7 +2425,7 @@ sub copy_apache2_suseconf { &print_and_log(&mt('Symlink creation failed for [_1] to [_2]. You will need to perform this action from the command line.',"'/srv/www/conf'","'/etc/apache2'")."\n"); } ©_apache2_conf_files($instdir); - ©_sysconfig_apache2_file($instdir); + ©_sysconfig_apache2_file($instdir,$name,$version); print_and_log("\n"); } @@ -2052,12 +2451,16 @@ sub copy_apache2_conf_files { ## ############################################### sub copy_sysconfig_apache2_file { - my ($instdir) = @_; + my ($instdir,$name,$version) = @_; print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'sysconfig/apache2'","'/etc/sysconfig/apache2'")."\n"); if (!-e "/etc/sysconfig/apache2.original") { copy "/etc/sysconfig/apache2","/etc/sysconfig/apache2.original"; } - copy "$instdir/sles-suse/sysconfig_apache2","/etc/sysconfig/apache2"; + my $sysconf_file = "$instdir/sles-suse/sysconfig_apache2"; + if (($name eq 'sles') && ($version >= 12)) { + $sysconf_file = "$instdir/sles-suse/apache2.4/sysconfig_apache2"; + } + copy $sysconf_file,"/etc/sysconfig/apache2"; chmod(0444,"/etc/sysconfig/apache2"); } @@ -2185,7 +2588,7 @@ wget http://install.loncapa.org/versions print &mt('LON-CAPA source files extracted.')."\n". &mt('It remains for you to execute the following commands:')." -cd /root/loncapa-N.N (N.N should correspond to a version number like '0.4') +cd /root/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3') ./UPDATE ".&mt('If you have any trouble, please see [_1] and [_2]', 500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.